[c-nsp] IOS VPN Client Group Issue

Michael K. Smith - Adhost mksmith at adhost.com
Mon Aug 25 13:39:54 EDT 2008 

Hello Tom:

Here is a configuration snippet from 12.1 which *should* work, provided you have the right train, etc. etc.

http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800ef7ba.shtml

Regards,

Mike

> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net [mailto:cisco-nsp-
> bounces at puck.nether.net] On Behalf Of Thomas Beecher
> Sent: Monday, August 25, 2008 9:37 AM
> To: cisco-nsp at puck.nether.net
> Subject: [c-nsp] IOS VPN Client Group Issue
> 
> I've come across something odd. I think that this is just a simple
> oversight on my part, hopefully another set of eyes will catch this for me.
> 
> I've got a 2621 running 12.2(46a) that I'm using to terminate a few VPN
> tunnels. Right now, I have three point to point tunnels up, and working
> without issue. This morning, I started adding the config for VPN client
> access, and that's where I've getting hung up.
> 
> Under the crypto isakmp client configuration command, I should have a
> 'group' option to setup the VPN group parameters. However, I do not. The
> only option I have is 'address-pool' . As far as I can tell, this image
> should support that command.
> 
> I'm fairly certain that I have the correct aaa commands in place to
> enable group authorization, however there are some pre-existing AAA
> commands on this router that could be hanging me up.
> 
> Here's the aaa config:
> 
> aaa new-model
> aaa authentication login default group tacacs+ line enable
> aaa authentication login rev_tel line enable
> aaa authentication login userauthen local
> aaa authorization network groupauthen local
> 
> Am I missing something painfully obvious here?
> 
> Thanks in advance,
> 
> Tom
> 
> 
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: PGP.sig
Type: application/pgp-signature
Size: 475 bytes
Desc: not available
URL: <https://puck.nether.net/pipermail/cisco-nsp/attachments/20080825/a413efbe/attachment.bin>

More information about the cisco-nsp mailing list